import { NestFactory } from '@nestjs/core';
import { ValidationPipe } from '@nestjs/common';
import { TransformInterceptor } from './common/interceptor/transform.interceptor';
import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
import helmet from 'helmet';
// import * as csurf from 'csurf';
import { AppModule } from './app.module';
// 日期格式序列化
import { dateToJSON } from './common/utils';

async function bootstrap() {
  const app = await NestFactory.create(AppModule, {});

  // 加api前缀
  app.setGlobalPrefix('api');

  app.useGlobalPipes(
    new ValidationPipe({
      transform: true,
      whitelist: false, // 去除多余的参数，也会去掉没有任何装饰器的dto字段
    }),
  );

  // 全局拦截器
  // app.useGlobalInterceptors(new TransformInterceptor());

  // swagger配置
  const config = new DocumentBuilder()
    .setTitle('AI resume')
    .setDescription('The AI resume API')
    .setVersion('1.0')
    .addBearerAuth() // 全局jwt鉴权
    .addTag('/')
    .build();
  const document = SwaggerModule.createDocument(app, config);
  SwaggerModule.setup('api', app, document);

  // 设置内容安全策略csp
  app.use(
    helmet({
      crossOriginEmbedderPolicy: true,
      contentSecurityPolicy: {
        directives: {
          imgSrc: [
            `'self'`,
            'data:',
            'apollo-server-landing-page.cdn.apollographql.com',
          ],
          scriptSrc: [`'self'`, `https: 'unsafe-inline'`],
        },
      },
    }),
  );

  // 设置跨域
  app.enableCors();

  // CSRF跨站点请求保护
  // app.use(csurf());
  // 格式化日期数据
  dateToJSON();
  await app.listen(3000);
}
bootstrap();
